[Server-devel] Access denied by Squid
Adrian Chadd
adrian at squid-cache.org
Mon Feb 18 21:47:33 EST 2008
On Mon, Feb 18, 2008, Tony Pearson wrote:
> Adrian,
> Thanks. I am sure it is something simple that I just don't see.
Ok.
First thing - get IP connectivity working. Is the school server
doing NAT? is the Squid server doing NAT? Is the DSL/Sat modem doing NAT?
The DSL modem may need to know that the 10.0.0.0/24 and the 172.16.0.0/12
networks are reachable via the Squid server; the Squid server may
need to know that 172.16.0.0/12 is reachable via the school server, the school
server may need to know the DSL/modem subnet (192.168.?) is reachable
via the Squid box. This is all to make sure stuff doesn't break. Of course,
what needs routes to what depends on what is NATting. :)
Next, the squid config. You've got the config looking about right -
acl 'school' has the 172.18/16 subnet. But if the school server is
NATting then all the requests will come from 10.0.0.77, not from
the individual school IPs. Check the squid access.log file to see what
the source address of the requests are.
Hopefully thats a good starting point to figure out whats going on.
Is there any reason why the web content and filtering isn't on the school
server atm?
Adrian
More information about the Server-devel
mailing list